I have been running Letsencrypt on my Unraid server for several years. I am using it for Nextcloud as well as Home Assistant and Node Red.
Letsencrypt is listening on port 443 in my internal network, and I have port forwarding from my public IP to that Letsencrypt container.
On my internal DNS server I have entries for the mentioned services as well, so that the traffic is not routed out through my router and back again.
Now I want to remove Home Assistant and Node Red from external access and use “On Demand VPN” on my iPhone.
To get this working I have to remove the entries on the public DNS, but then Letsencrypt no longer works and my internal devices are no longer able to connect either. I still want to use Letsencrypt, because then no app will complain about “unencrypted” sites…